Various Huawei products use DES without any salt to encrypt passwords. Included vulnerable are the Huawei Quidway series and Huawei CX600.
586945a98792e4b79e4cdf79efe5861cf28ea94190070c0a2759e3c7de8f3a24
Ezylog Photovoltaic Management Server suffers from remote SQL injection, broken session management, hard-coded credential, and command injection vulnerabilities. The vendor has ignored the researcher.
c08de71fe982a59f6dfe14d76d8893338a491e1cf4c84021950bc3a71f354cac